hanno

hanno, 1 year ago to random

I recently asked chatgpd about, well, myself. And it was quite an interesting experience, because it illustrates very well what the problem with ChatGPT is. If you know me, well, you know that I did quite some work in IT security. ChatGPT knows that as well. 🧵

hanno, 1 year ago to random

about that nuclear fusion thing, it appears it's not going so well... https://www.scientificamerican.com/article/worlds-largest-fusion-project-is-in-big-trouble-new-documents-reveal/

hanno, 1 month ago to random

Is GNU software really free software? I may legally have the freedom to study it, but it is wrapped in so much GNU buildsystem obscurity that studying it is impossible without a PhD in GNU buildsystem crap. So I don't really have the freedom to study it.

hanno, 4 months ago to random German

Stinkender Dieselzug. Was könnte man tun? Vielleicht ein Wasserstoffzug? Oder irgendeine Möglichkeit, den Strom aus diesen bereits so praktisch darüber verlaufenden Leitungen zu verwenden? ...

hanno, 1 month ago to random German

Was mich ja an diesem erneuten aufwärmen der Atomdebatte so ärgert ist wie irrelevant das ganze ist. Ich meine reden wir doch mal klartext: Die Atompolitik in Deutschland wird sich nicht mehr ändern, und zwar völlig unabhängig davon wer regiert. Es wird ja niemand ernsthaft erwarten dass man die jetzt im Rückbau befindlichen Kraftwerke nochmal anschaltet. 🧵

hanno, 11 months ago to random German

Weiß nicht ob das andere auch so wahrnehmen, aber ich hab das Gefühl der Umgang mit rechten Vorfällen wie Sonneberg oder Burg verschiebt sich. Weg von "was können wir dagegen tun?", hin zu dingen wie "ich werde vermeiden da jemals hinzugehen". Gerade die Vorfälle in Burg werden sicher auch verstärkt dazu führen dass vernünftige Leute aus solchen Regionen wegziehen. Weil sie wissen: Sie kriegen im Zweifel keine Unterstützung.

hanno, 10 months ago to random German

Will mir jemand beim Korrigieren einer Radroute in Openstreetmap helfen? Ich hab das mit den Relations seit ewigkeiten nicht mehr gemacht und komme weder mit dem Web-Editor noch mit JOSM auf Anhieb klar. Die diversen Radwege die links von Berkau nach unten verlaufen sind neuerdings nicht mehr dort, sondern der Weg der rechts von Berkau nach unten weggeht. https://www.openstreetmap.org/node/247352781#map=13/51.9656/12.7058 #openstreetmap

hanno, 7 months ago to random German

Bei vielen E-Fuels-Projekten muss man nur mal 3 kritische Fragen stellen und plötzlich wirkt das alles sehr komisch, aber irgendwie macht das kaum jemand... Ich glaube ich könnte auch fulltime-efuels-debunker werden, aber ich seh mich da garnicht so sehr in der rolle und mach das eher weil macht ja sonst keiner...

hanno, 5 months ago to random German

Ich weiß ja nicht ob das allen klar ist, aber wenn man einen Preis anhebt, damit das eine Lenkungswirkung hat, und dann dafür gleich einen Ausgleich zahlt, dann ist die Lenkungswirkung wieder weg. https://www.spiegel.de/wirtschaft/soziales/pendlerpauschale-oekonomen-lehnen-erhoehung-ab-a-f700fa36-97b1-487c-a735-cf69a7bbad11

hanno, 1 month ago to random

Some proprietary software lobbyists are trying to spin the xz story as an "anti open source" story, and I see demands like "you shall only use opensource software if you have a contract with someone guaranteeing support and security". I'd be curious: Can I see the contract those people have with Microsoft or whatever company you never heard of that wrote the firmware in their wifi card that guarantees the same for the closed source software they're using?

hanno, 1 month ago to random

Due to a new regulation, green electricity providers in the EU+EEA have to provide their customers information about the countries of origin of their electricity (or the certificates, which... isn't really the same, but I disgress...). If you got something like that lately, can you scan it or make a photo and send it to me? https://hboeck.de/en/contact.html I'd be particularly interested to see those from the "real" green electricity providers.

hanno, 4 months ago to random

HOWTO meaningful URLs - or not. What do you think the date of this document is? (Spoiler: It's not 2018.) /cc @openclimatedata probably interesting for you, I remember you like to complain about confusing IPCC websites. Source: https://www.ipcc.ch/site/assets/uploads/2018/03/srccs_chapter7-1.pdf

hanno, 3 months ago to random

Well...
Does the category of "February the 29th" bug already exist? Because I just found one in my own code...

hanno, 5 months ago to random

To everyone who was looking forward to my talk at #37c3 or wanted to meet me there: Unfortunately, this morning a Covid-19 test in my family was positive. My own test does not (yet?), though I feel mild cold symptoms. I feel under this circumstances it would be irresponsible to go to the congress. 🧵

hanno, 3 months ago to random

In 2004, a documentary movie was published (Supersize Me) where the filmmaker Morgan Spurlock eat nothing but mcdonalds food for 30 days. Like probably many, I saw that movie back then and liked it. I had read before that there were some doubts about some of the things described in the movie. What I didn't know until now was that very likely, some key parts of that movie are false and some of the health effects he described likely due to alcohol consumption 🧵

hanno, 3 months ago to random

I have given a talk at the Nullcon security conference about HSTS, why we have it in the first place, and an HSTS bypass vulnerability in Mozilla Firefox. Unfortunately, it seems something went wrong with the recording. I'd like to give the talk again so it gets recorded. Any recommendations for events that might like to have that talk? Preferrably: In or near Berlin, not too far in the future, and of course with a reliable setup to record talks.

hanno, 5 months ago to random German

Aus der Kategorie "Leider keine Satire": Pharma-Lobbyverband spricht sich für Homöopathie aus, weil das ist ja eine superdupi alternative wenn es gerade lieferengpässe bei wichtigen Medikamenten gibt https://www.verbaende.com/news/pressemitteilung/gerade-in-zeiten-von-lieferengpaessen-braucht-es-mehr-therapieangebote-158444/

hanno, 18 days ago to random

Ich würde gerne die Programmierer der Bahn-Webseite und App zwingen, Ihre Tests grundsätzlich im Wlan eines ICEs an einem zufälligen Punkt in Deutschland durchzuführen. Ich glaube dann wäre die zuverlässigkeit unter instabilen Internetbedingungen eine andere

hanno, 1 month ago to random

Does Python really have no DNS functionality built in at all beyond resolving IPs? I have a use case where I need to get a TXT record, and everything I can find recommends dnspython. If possible, I'd like to avoid adding a dependency.

hanno, 5 months ago to random

Security vulnerabilities in Antivirus software are no big deal, right? I mean, they never get exploited for real, right? Like this one, where Barracuda just ran a random, unaudited perl library with eval in it as part of its Antivirus, and then some malware used it. That's basically a non-issue some infosec people like to overblow because they don't like AVs. https://www.barracuda.com/company/legal/esg-vulnerability

hanno, 1 month ago to random

I have seen my fair share of strange reactions and rejections by bugbounty plattforms, but this is new: Rejected, because the report mentions a CVE. No, I have no idea what they are thinking. (I can only guess that they get lots of low quality reports from automated tools mentioning CVEs. But the idea that a security report that mentions a CVE is invalid is... whatever...)

hanno, 3 months ago to random

Followerpower: what kind of client applications support HSTS? Obviously all modern browsers. wget and curl also support it. Anything else that's relevant?

hanno, 1 month ago to random

Do I know anyone who knows BIMI from the technical / protocol side? I'm neither interested in the PR pitch nor in people complaining (correctly) that it's a moneymaking scheme. I have some specific questions about details about the protocol implementation that seem very odd to me.

hanno, 3 months ago to random

What is a good way to get files from a laptop (linux) to an android phone? I find whatever I do super annoying. Cable is annoying. Anything Internet is out, because too slow. Synthing kinda does what I'd like if it was reliable, but it tends to only work every now and then, and regularly fails with problems where I don't find solutions.

hanno, 2 months ago to random

In case anyone from @1password is reading this, you may want to get in touch with me. I have reported a security vulnerability via their bugbounty program, and bugcrowd's staff thinks it's "not applicable", in my view clearly misinterpreting the program's rules. I am pretty sure it's something they want to address. I may consider other means of disclosure if this is "not applicable" for their bugbounty program..